03:51 PM
Dark Reading
Dark Reading
Products and Releases

Merchant Link Announces End-To-End Encryption And Tokenization To Reduce PCI Burden

Solution secures both 'data in-flight' and 'data at rest'

SILVER SPRING, MD (August 3, 2010) -- As merchants face the ongoing challenge of PCI compliance and securing their customers’ credit card data, Merchant Link, a leader in the secure payment gateway market, today announces that it is offering a combined end-to-end encryption (E2EE) and tokenization solution which will dramatically lower the cost of attaining and maintaining PCI compliance.

Hotels, restaurants and retailers will now benefit from Merchant Link’s E2EE solution as well as the TransactionVault' tokenization solution. From the point of swipe to transaction completion, Merchant Link’s comprehensive solution secures both “data in-flight” and “data at rest,” meaning both stored credit card data and transaction data flowing through networks will be protected from hackers and cyber criminals. This both dramatically reduces risk of a breach and reduces PCI scope up to 81% based on the PCI Self-Assessment Guidelines.

“The new solution protects credit card data throughout the entire transaction life cycle,” said Dan Lane, Chief Technology Officer, Merchant Link. “Further, both end-to-end encryption and tokenization are expected to be key solutions highlighted in the October 2010 release of the next PCI DSS standard. The offering demonstrates our ongoing commitment to provide the highest level of security and service in the industry, allowing our customers to get out of the credit card business and focus on their core mission.”

Key Advantages:

ENCRYPTING WITHIN THE MSR / DECRYPTING OUTSIDE YOUR IT ENVIRONMENT: The new solution encrypts sensitive credit card information within the actual magnetic stripe reader (MSR) right at the point of swipe and as it travels through the merchant’s IT environment. Decryption occurs within Merchant Link’s hosted payment gateway, away from merchant systems and thus dramatically reduces the risk of compromised data.

COMBINING E2EE WITH NEXT GENERATION TOKENIZATION: Layering tokenization with end-to-end encryption greatly improves data security. Merchant Link’s TransactionVault tokenization solution uses tokens that distinguish themselves from others by remaining associated with the card. This allows the tokens to be tracked for all guest transactions, customer analytics, and marketing purposes. TransactionVault is in use at more than 15,000 restaurants, hotels and retail establishments and is the most widely adopted tokenization solution on the market.

FLEXIBILITY: The new solution is designed to integrate with any encrypting device, offering merchants flexibility in their hardware solutions. In addition, the Merchant Link Payment GatewayTM connects to all major credit card processors and offers merchants the freedom to switch between processors quickly, easily and efficiently, keeping them in control of their offerings and rates.

About Merchant Link

Merchant Link is a leading payments gateway company, providing PCI compliance, secure solutions, data transport services and comprehensive technology to merchants, software providers and credit card processors. Its premier product, TransactionVault', features next generation tokenization technology by replacing each card number with unique, multi-use tokens. Merchant Link currently supports more than 150,000 hotels, restaurants, retail stores, and other venues, and maintains connectivity to the major US payment card processors. Founded in 1993 and headquartered in Silver Spring, Md., Merchant Link handles more than 3 billion transactions for some of the world's best-known merchants. Further information is available at

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/8/2018
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
White Papers
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2018-11-15
HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh.
PUBLISHED: 2018-11-15
The server in mubu note 2018-11-11 has XSS by configuring an account with a crafted name value (along with an arbitrary username value), and then creating and sharing a note.
PUBLISHED: 2018-11-15
XSS in the Ninja Forms plugin before 3.3.18 for WordPress allows Remote Attackers to execute JavaScript via the includes/Admin/Menus/Submissions.php (aka submissions page) begin_date, end_date, or form_id parameter.
PUBLISHED: 2018-11-15
Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API.
PUBLISHED: 2018-11-15
An issue was discovered in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf file.